Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security

Cancer Patient Forced To Make Terrible Decision After Ransomware Attack On London Hospitals (theregister.com) 115

An anonymous reader quotes a report from The Register: The latest figures suggest that around 1,500 medical procedures have been canceled across some of London's biggest hospitals in the four weeks since Qilin's ransomware attack hit pathology services provider Synnovis. But perhaps no single person was affected as severely as Johanna Groothuizen. Hanna -- the name she goes by -- is now missing her right breast after her skin-sparing mastectomy and immediate breast reconstruction surgery was swapped out for a simple mastectomy at the last minute. The 36-year-old research culture manager at King's College London and former researcher in health sciences was diagnosed with HER2-positive breast cancer in late 2023. It's an aggressive form known for spreading faster and is more commonly recurring, which necessitates urgent treatment. Hanna soon began a course of chemotherapy following her diagnosis until she was able to have what will hopefully be the first and only major procedure to remove the disease. Between then and the operation, which was scheduled for June 7 -- four days after the ransomware attack was carried out -- she had been told repeatedly that the planned procedure was a skin-sparing mastectomy which would have allowed surgeons to cosmetically reconstruct her right breast immediately after the operation.

How the ordeal actually unraveled, however, was an entirely different story. Hanna was given less than 24 hours by doctors to make the daunting decision to either accept a simple mastectomy or delay a life-changing procedure until Synnovis's systems were back online. The decision was thrust upon her on the Thursday afternoon before her Friday surgery. This was after she was forced to chase the medical staff for updates about whether the procedure was going ahead at all. Hanna was told on the Tuesday of that week, the day after Qilin's attack, that despite everything going on, the staff at St Thomas' hospital in London were still planning to go ahead with the skin-sparing mastectomy as previously agreed. Per the updates Hanna requested on Thursday, it was strongly suggested that the operation was going to be canceled. The hospital deemed the reconstruction part of the procedure too risky because Synnovis was unable to support blood transfusions until its systems were back online.

The ransomware attack wasn't easy on hospitals. The situation was so dire that blood reserves were running low just a week after the attack, prompting an urgent appeal for O-type blood donations. For Hanna, though, this meant she had to make the unimaginably difficult choice between the surgery she wanted, or the surgery that would give her the best chance at survival. The mother of two young children, aged four and two, felt like she had no other choice but to accept the simple mastectomy, leaving her with only one breast. [...] At the time of writing, it's now nearly five weeks since Qilin's attack on Synnovis -- a pathology services partnership between Synlab, Guy's and St Thomas' NHS Foundation Trust, and King's College Hospital NHS Foundation Trust. The most recent update provided by the NHS said disruption to services was still evident across the region, although some services such as outpatient appointments are returning to near-normal levels.
Between June 24-30, there were 1,517 cute outpatient appointments and 136 electric procedures that needed to be postponed across the two NHS trusts partnered with Synlab. "The total number of postponements for the entire month since the attack took hold (June 3-30) stand at 4,913 for acute outpatient appointments and 1,391 for elective procedures," notes the report.
This discussion has been archived. No new comments can be posted.

Cancer Patient Forced To Make Terrible Decision After Ransomware Attack On London Hospitals

Comments Filter:
  • by vaceituno ( 665272 ) on Saturday July 06, 2024 @08:18AM (#64604921) Homepage
    I was working for the company that managed the systems of the Royal Marsden and Chelsea and Westminster hospitals ten years ago. I insisted they patched their Windows servers, and I warned they could be affected by a ransomware worm. After several months of inaction, Wannacry hit, putting them off line for a couple of days. I dont know how this particular attack unraveled, but it seems not much has changed in the NHS.
  • by alvinrod ( 889928 ) on Saturday July 06, 2024 @08:19AM (#64604925)
    The people who carry out these sorts of attacks are little different than conventional terrorists. Perhaps after they start finding a few of their fellow tradesmen spread across 20 different trash bins they'll get the message. If the host country for these criminals is that terribly upset by the extra judicial killings, perhaps they can start to respond to requests from law enforcement agencies and extradition requests.
    • The people who carry out these sorts of attacks are little different than conventional terrorists. Perhaps after they start finding a few of their fellow tradesmen spread across 20 different trash bins they'll get the message. If the host country for these criminals is that terribly upset by the extra judicial killings, perhaps they can start to respond to requests from law enforcement agencies and extradition requests.

      I'm thinking that even if such a fantasy initially succeeded as you imagine it, the immediate result would be that these groups would increase their security and hire armed protection, the same way that the drug gangs in South and Central America became narco-terrorist groups -- and those hacker gangs with ties to the Russian government would receive (additional) Russian government protection.

      • Re: (Score:3, Interesting)

        by rsilvergun ( 571051 )
        The only real way you stop organized crime is by having a strong economy so they can't recruit desperate people. The vast majority of people don't want to be criminals. If you look into the ransomware operations they are just run by regular people treating it like a day job because they need a job and it's right there.

        This is going to continue until we shift from a competitive dog eat dog society to a more cooperative one.

        Put from the time you can understand words you're taught there's nothing bette
        • by alvinrod ( 889928 ) on Saturday July 06, 2024 @10:12AM (#64605071)
          You assume the only people who commit crime do so because they are desperate. This is not the case and there will always be people who will try to take an easy path. Organized crime will always exist to serve black markets. As long as people want drugs, sex, or whatever other illegal goods or services, someone will find it profitable to supply them. Organized enterprises merely deliver those more efficiently just as in any other industry.

          Competition is what drives increases in productivity and wealth. If this weren't the case, you'd be in favor of monopolies. You've regurgitated something you heard online, but I don't think you even considered applying it to yourself to question what you might believe. I'd encourage you to go live in a communist country as it might be enough of a shock for you to realize that it isn't going to work. Everyone else here is at least wise enough to learn from the mistakes of the other countries that tried and failed and have no desire to burn ourselves on that same stove for your sake.
          • by HBI ( 10338492 ) on Saturday July 06, 2024 @10:38AM (#64605115)

            I grew up around organized crime (the Goodfellas kind...) and it is done for two reasons. The first is that the people involved in that world are more or less noncompetitive in the standard economy. My "Uncle" Bobby who used to kill people and throw them in the swamp around NYC was a pretty unintelligent dude. Simple, loyal, with very little in the way of emotional resilience. You could piss him off easily. Scary. He used that fear most often in compelling collections. I mean, he would break your legs, but he didn't really want to. He just wanted the money to hand off to his bosses. He wouldn't have done well in a regular job. He would come by my parents house when he needed to hide out for a while. He'd get kicked by my stepfather after a bit because he was disruptive - trying to control the household according to his ideas of right and wrong. My sister would be out too late with her boyfriend and he'd get involved. I know that seems strange in a hoodlum and a killer, but there it is.

            The bosses are different. They are probably capable of making money elsewhere, but for egotistical reasons they like that world. They mostly aren't psychopaths or even unreasonable people. They do like their deference. It's like divine right of kings or something, they want to be treated as someone special and important. They're willing to pay off various parts of the government to continue that. To get easy time in prison, etc. And they get all teary-eyed at Sinatra's "My Way" for that reason.

            Anyway my point here is that nothing you can do economically can get rid of organized crime. They'll be there regardless of tax regimens. If you went totally laissez-faire in regards say, drug laws, they'd still be there. They are certainly there in communist regimes - ask anyone from the East Bloc pre-1990 or so.

            • Where two of the monsters try to shake down a manager at a Starbucks and the manager has to explain to them that it doesn't work because corporate would figure out the money's gone and just fire him.

              There's a crazy religious asshole who was using public land without paying for it like you're required to and he had a standoff with the cops where he eventually won because the cops didn't want to just shoot the guy and his dip shit followers. Yes he was a white guy how did you guess?

              Anyway the dumb fuc
              • by HBI ( 10338492 )

                The protection racket works against small time people. Corporate entities and key public resources like hospitals were never the targets of same; they have government protection. The small time racket works because no one cares about the corner store much. The 'protection' is made up of people who are paid off by the racketeers.

                I doubt the guy who didn't get shot didn't get shot because he was white. The amount of restraint used in cities where the crime rate is something like 5-10x higher than elsewher

              • Re: (Score:2, Troll)

                Where two of the monsters try to shake down a manager at a Starbucks and the manager has to explain to them that it doesn't work because corporate would figure out the money's gone and just fire him.

                You ripped that off from an episode of the Sopranos:

                https://www.youtube.com/watch?... [youtube.com]

                Anyways what's funny about all of this is your rather shit understanding of how all of that works. Patsy is running his own extortion racket. He's not desperate. He's not even poor. This is just how he does "business". If you saw the show and you think any of those guys are "desperate" then well...you're a moron, but that comes as a surprise to nobody. All of them, from the soldiers to the capos to the bosses, are anything

          • nirvana fallacy
          • We know that crime is a problem of poverty because rich CEOs never commit crime. /s
        • by dskoll ( 99328 ) on Saturday July 06, 2024 @11:23AM (#64605213) Homepage

          Unfortunately, in many (most?) cases, the cybercriminals are half a world away from their victims, so even strengthening our economy and making our societies more equitable won't do anything to address the problem.

          (Not that would shouldn't make the improvements you suggest, of course.)

        • Thanks.

        • Sometimes it's not so simple.

          If you can get a good job for 10k a month, and be a criminal and possibly clear 100k or more a month, the temptation can be too much. Especially if there is a reasonable chance that nothing bad will happen to you.

          Like the people who created the ransomware - they are skilled. And can probably get a good job with decent pay easily with their skills. But that doesn't mean that greed doesn't take place at times.

        • PUrely cooperative societies only work with small populations, where community standing based on how much you help, honesty, etc. determines your place. Violating that can get you ostracised, which is a de facto death sentence.
          In larger communities, this doesn't work so well.
      • They'd stay the hell away from hospitals and find some other illegal activity that won't get them killed.

        A government supporting it directly or close enough is asking for trouble. It's one thing to not give a rat's ass about criminals operating in your country that aren't causing problems locally, but another entirely to offer them any kind of official support.
      • My fantasy for stopping many tech crimes, is a nuclear war between Pakistan, India, and China.
      • The punishments for a crime should adjust based on the possibility of being caught. For example, a simple crime - like petty theft - has a pretty high level of being caught, and as a result the punishment should be of a reasonable level. Those pondering such crimes will realize that while the punishment isn't high, the possibility of being caught is high, and this serves as a deterrent.
        However, when the possibility of being caught is excessively low, the punishment needs to be excessive to act as a deterren
    • No. DO "Special" surgeries on them. Make them SUFFER. (Why yes, I AM a monster. And still LESS of a monster than those!)

    • No, don't mutilate the body like that to "send a message", that could leave them with the impression this was a random attack on a random person. We need an identifiable body afterwards. We also need to make up for a shortage of blood in our blood banks. If we find the people responsible then force them to donate blood to make up for the shortage, taking about a gallon of blood should be a proper punishment.

      I'm looking for someone to pay for this but if the worst of this is a botched breast reconstructio

      • not just all their blood, kidknap them, and arrange for all their organs be removed forctransplant, then once they are stripped of all usable parts (like stripping parts off a stolen car) take the corpse back to their residence with a video of the procedure on a thumbdrive
        • I feel like I'm in some alternate reality of Slashdot where we don't assume that everyone will get along in a socialist society. Something about information not wanting to be free, and everyone preferring a heavy handed government with absolute control.

          What's next, an article talking about the brutal punishment that Wikileaks contributors should be subject to?
          • I feel like I'm in some alternate reality of Slashdot where we don't assume that everyone will get along in a socialist society.

            Probably because in the current reality, nobody would, nor have they when it was implemented.

    • Wow. Judging by the thread... /. is out for blood today.

      Perhaps tone it down a little? There's far easier, and legal, methods to prevent these attacks than blatant premeditated mass murder.
    • At the very least they should be charged with something like conspiracy for attempted mean slaughter. Hacking actions that target institutions that care for peopleâ(TM)s lives should all be covered by that and IMO should result in stiffer sentencing than targeting something like a bank.

    • by quax ( 19371 )

      Many of them are state sponsored terrorists.
      https://www.cisa.gov/news-even... [cisa.gov]

    • The people carrying out these operations are mostly slaves. This is why we have actual justice systems; to avoid crazy, misanthropic, violent shit like you propose.

    • by gweihir ( 88907 )

      You seem to be really stupid and uneducated. And violent in addition. Great combination!

      The reason assassinations are not done in civilized society is that that they are routinely abused and routinely hit the wrong people. Ever heard of due process? Apparently not.

      Incidentally, that would not fix the problem at all. Criminals never expect to get caught. And breaking into IT systems is often laughably easy these days and _that_ is the real problem.

  • Initially I thought the consequence for her was just a delay for her breast reconstruction, but after reading the summary a couple times I realized the key phrase was "skin sparing". In the original surgery a reconstruction would have been more feasible, but now she no longer has enough skin to cover the needed surface area. I assume something is still possible, but it will be riskier, more painful, less aesthetic, etc. I'd be curious to know what her options are now.

    That said, I'm surprised people didn't d

    • Re:"Skin sparing" (Score:5, Interesting)

      by fuzzyfuzzyfungus ( 1223518 ) on Saturday July 06, 2024 @09:34AM (#64604999) Journal
      Statistical analysis [ssrn.com] certainly suggests that hospital systems being down has an affect on mortality(patient volumes decline, which means some people are getting more ambulance time before treatment, and mortality rates for already-admitted patients go up); but there seem to be relatively few decisive "it definitely killed this one" stories where you can meet a fairly high standard of evidence in saying that a patient not admitted would have survived had it not been for X more minutes in the ambulance; or an admitted patient would definitely have survived had it not been for the EMR system not having that record of drug interactions available or if the lab that does whatever test had been running at full capacity.

      I'm not entirely sure how much of this is just down to uncertainty and the difficulty of attributing specific deaths within a high mortality population to specific delays or unavailable services vs. the easier task of noting that, on average, we don't add waits and skip tests because we think it leads to better outcomes; and how much of it is down to "people are dying here" being something everyone is happy to rally round when emphasizing the fact that ransomware operations are scumbags; but...less happy [bankinfosecurity.com] to admit when the family of that photogenic dead baby is coming after the hospital for a settlement on the theory that poor IT practices become medical negligence as soon as the systems being down gets somebody killed.
    • Initially I thought the consequence for her was just a delay for her breast reconstruction...

      As I read it that was certainly an option. But this wasn't "just" a delay because apparently this was a rather malignant form of cancer and any delay could be life threatening. The delay would have been a few days, but then I wonder (and I suspect the patient had this in mind too) that if something else went wrong she'd have to make that same choice that next Tuesday of another delay or no immediate reconstruction. She'd have taken on the risk of the delay and still lost out on sparing the skin for recon

    • She could have rescheduled her skin-saving procedure, but she already waited SIX MONTHS or more already. (Diagnosed in late 2023, surgery scheduled for June, 2024, per TFS).

      She was diagnosed with an an aggressive/fast-spreading form of breast cancer and endured 6 months of Chemo waiting for her surgery... is that typical for such diagnoses? Would someone outside NHS wait that long for surgery?

      • by piojo ( 995934 )

        I meant she can't reschedule just the reconstruction portion of the surgery. (If she gets reconstruction it will not be the operation that was planned.)

    • She can still get an implant, it just wonâ(TM)t be big and she may need a reduction on the other one to match.
  • by Anne Thwacks ( 531696 ) on Saturday July 06, 2024 @08:49AM (#64604959)
    1) use windows in any situation where live or limb is at risk

    2) supply, or offer to supply, Windows to any situation where live or lib is at risk

    3) Manage or pretend you are able to manage, a computer service if you do not
    (a) keep off-line backups
    (b) send transaction logs to remote storage in two or more remote locations other than the place where your off-line backups are kept - preferably at least one of these locations maintaining a live mirror of the main servers.
    (c) conduct a recovery from bare metal exercise at least once per financial year.

    4) employ anyone who fails the above tests

    I personally favour custodial sentences for installing Windows and/or failing to keep tape backups using Grandfather/Father/Son rotation. (I keep the "Father" tape off-site).

    Anyone in the management chain above the IT management should face charges of manslaughter if any person dies as a result of failing to do the above, whether directly or indirectly.

    The C-level team should be jointly and severally responsible for any and every criminal offence committed by an organisation

    It should be made explicit that claiming "corporate insanity" is not only not a valid defence, it is a crime in itself.

    2024: All of the above is released to the public domain.

    • "live or lib" should read "life, limb or liberty"

      (I pressed the wrong button)

    • 1) use windows in any situation where live or limb is at risk

      2) supply, or offer to supply, Windows to any situation where live or lib is at risk

      3) Manage or pretend you are able to manage, a computer service if you do not (a) keep off-line backups (b) send transaction logs to remote storage in two or more remote locations other than the place where your off-line backups are kept - preferably at least one of these locations maintaining a live mirror of the main servers. (c) conduct a recovery from bare metal exercise at least once per financial year.

      4) employ anyone who fails the above tests

      I personally favour custodial sentences for installing Windows and/or failing to keep tape backups using Grandfather/Father/Son rotation. (I keep the "Father" tape off-site).

      Anyone in the management chain above the IT management should face charges of manslaughter if any person dies as a result of failing to do the above, whether directly or indirectly.

      The C-level team should be jointly and severally responsible for any and every criminal offence committed by an organisation

      It should be made explicit that claiming "corporate insanity" is not only not a valid defence, it is a crime in itself.

      2024: All of the above is released to the public domain.

      This. So many people want to "get tough" and start executing the bad guys. Meh. That's dumb, and doesn't solve the fact that Hospitals and healthcare systems are an easy target because they have very little security. These breaches are not something that you have to be a genius to hack into and monetize for your group. The law would consider present systems as an "attractive nuisance". I would add to your list to keep this stuff off of "the cloud". Because we have no idea what the cloud provider has for se

      • by kenh ( 9056 ) on Saturday July 06, 2024 @10:10AM (#64605067) Homepage Journal

        So, anti-Windows Wizards, what should a hospital use instead of Windows?

        Linux?

        macOS?

        MVS?

        VMS?

        Migrating off Windows 'merely' requires software houses to completely rewrite their applications, that's all...

        Of course, there are things IT folks could do - commit to and practice security best practices including keeping servers/desktops up-to-date on patches.

        • So, anti-Windows Wizards, what should a hospital use instead of Windows?

          Linux?

          macOS?

          MVS?

          VMS?

          Migrating off Windows 'merely' requires software houses to completely rewrite their applications, that's all...

          Of course, there are things IT folks could do - commit to and practice security best practices including keeping servers/desktops up-to-date on patches.

          Leaving Windows would be a last step. As you note, there are a lot of practices that will make it a lot harder to get the now ubiquitous action of being pwned.

          1. I cannot stress this too much - no cloud no cloud no cloud. Did I say no cloud? If not - no cloud! The once incredible promise of the cloud, perfect security, much greater profit because you can get rid of those creepy IT people and their strange ways, has turned into a security risk, more than anyone should take. Have your own employees run yo

          • If your CIO is reporting to your CEO, you don't work for a real company.

          • Tl;de, but essentially you're saying: use the cloud. Amazon, Google or Microsoft is left as an exercise for the clueless boss who gets to decide. Got it, clear, thanks.

            /g

            • Tl;de, but essentially you're saying: use the cloud. Amazon, Google or Microsoft is left as an exercise for the clueless boss who gets to decide. Got it, clear, thanks.

              /g

              You should use the cloud. You're welcome.

              • I do, seriously. It's called nextcloud and it runs in my own PC. Did I get it right?
                • I do, seriously. It's called nextcloud and it runs in my own PC. Did I get it right?

                  Stays local, and all on computers you own?

                  • Yup. I guess I did it completely wrong, all bigger players outsource. I prefer to do things the amateur way. Although, Google, Microsoft and Amazon also use only their own stuff, right? Hmm, maybe there's an argument there...
                    • Yup. I guess I did it completely wrong, all bigger players outsource. I prefer to do things the amateur way. Although, Google, Microsoft and Amazon also use only their own stuff, right? Hmm, maybe there's an argument there...

                      We use a different definition of the cloud. My definition is that you do not store locally, but to a service like Azure, where you store files offsite, and pay someone else to maintain and provide security for you.

                    • Apologies, I was writing tongue in cheek and thought you were too, until now... My definition of the cloud comes down to "somebody else's computer" (in various ways) whereby no one ever got fired for using the cloud services of a big player, so it's nice cya for managers.

                      That said, in your definition with data in Azure, do you do processing locally or in the cloud/Azure and in the first case, don't you then have to do the security locally too?

                    • Apologies, I was writing tongue in cheek and thought you were too, until now... My definition of the cloud comes down to "somebody else's computer" (in various ways) whereby no one ever got fired for using the cloud services of a big player, so it's nice cya for managers.

                      That said, in your definition with data in Azure, do you do processing locally or in the cloud/Azure and in the first case, don't you then have to do the security locally too?

                      Yes, I do my own security. I regularly scan the computer and do so after installing programs. Usually using Wireshark, although activity monitor gets a workout at times. Scriptblockers are critical. I use AV as well, but don't think all that much of it. I use VPN as well, which gives me notifications when some malicious site tries to sideload on me. I use the log passphrase model with little tricks along the way.

                      Is this perfect? Oh hell no - there is no such thing. But it is almost certainly better than

                    • Ty, sounds solid.
      • by HBI ( 10338492 )

        I note the obvious solution is the one never mentioned.

        Just shut off the internet connection to any country that won't extradite.

        It would also simplify things immensely in terms of cyber warfare.

        Those who say it isn't possible aren't thinking hard enough.

      • by gweihir ( 88907 )

        This. So many people want to "get tough" and start executing the bad guys. Meh. That's dumb, and doesn't solve the fact that Hospitals and healthcare systems are an easy target because they have very little security.

        Indeed. But "dumb" and "violent" often nicely go together and these people are all good examples.

    • by flink ( 18449 ) on Saturday July 06, 2024 @09:30AM (#64604995)

      If you implemented (1), you'd have to take 100s or maybe thousands of models of medical devices out of service including imaging, infusion, monitoring, and radiology machines. Way more people would die due to that than any ransomware attack.

      • by Anne Thwacks ( 531696 ) on Saturday July 06, 2024 @02:56PM (#64605593)
        In the olden days, when I was involved in the design of medical instruments NO ONE USED Windows.

        No one, ever, has suggested that Windows could be made secure. And no one employed in IT does not know that Windows is a complete shower of shit. Especially those who have seen some of the source code.

        Body scanners use Windows these days? They certainly did not when I was involved in them.

        I have worked at several companies producing medical instruments - none used Windows - several used Linux. Some used other real time specific systems whose name I forget, but are well known to people who design that kind of stuff.

        I, for one would sack any employee who installed Windows on a company computer.

        Would you employ a security company that transferred cash in a 1940's Willys jeep?

        I have seen some of the Windows source code and it has about as securie as sellotaping your front door shut.

    • by fuzzyfuzzyfungus ( 1223518 ) on Saturday July 06, 2024 @09:58AM (#64605047) Journal
      Windows is absolutely the wrong choice for a number of applications; but I think you'd be...disappointed...if you think that just flat banning it will get you what you want.

      Of note; a number of the messy recent attacks were on aggressively oversold vendor *nix appliances(just off the top of my head Citrix Netscaler, Fortigate, and Palo Alto GlobalProtect); with attackers pivoting to whatever internal targets were handy from there. Those weren't kernel exploits, all stuff in the vendor binaries on top; but most of the world's practical exploits aren't kernel stuff(at least initially, more common if you need escalation of privilege once you've obtained low-privilege credentials or if you are looking for some of the sneakier persistence mechanisms); typically bugs in network-facing applications and exploitation of the capabilities of legitimate credentials, tokens, or tickets you can get your code running under through some combination of those application bugs and various flavors of credential theft and phishing. Especially for ransomware; where having elevated access certainly helps make a more thorough mess of the place more systematically; but large volumes of data are typically accessible with relatively unprivileged credentials.

      In some cases you even see situations where specialty or 'enterprise' vendors are probably worse on Linux; because the licensing situation gives them the ability to just ship an 'appliance'(physical or pre-canned VM) that contains god-knows-what and is the end result of years of neglect in their horrific pocket dimension of a hacky fork; and even if it weren't so brittle as to be basically unmodifiable it's explicitly unsupported if you touch anything beyond the EZ-config interface. At least the (similarly not-confidence-inspiring) Windows version had to support being installed and running on a mostly unmutilated Windows Server version that was still in support at the time they sold the software to you; since the legality of just keeping an NT4 fork chained in the basement for cruel abuse and neglect is trickier than that of doing the same with a godforsaken 2.6 fork.
    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers [thehackernews.com]

      Mallox Ransomware Attacking Linux Servers In Wild – Decryptor Uncovered [cybersecuritynews.com]

        bad admin is bad admin and you sound like a bad admin...

    • by dddux ( 3656447 )

      Id they must use Windows, I don't know why they don't use Linux servers with terminals and virtualised Windows. It's so easy to maintain such systems. Maybe with time that would push the developers of this important software to make multi-os versions of it, or just a Linux version of it.

    • Windows is only targeted because people use it. If organizations were forced to move to Linux, the bad guys would just attack Linux. Targeting Windows does not solve the problem.

      Having standards in place for managing critical computers systems is more than reasonable, though attempting to differentiate incompetence from honest mistakes and unavoidable issues will never work.

    • by gweihir ( 88907 )

      You are arguing for solid engineering and engineering accountability. That is not how IT is done these days.

  • I don't care what country they are in, drone the perps who attack hospitals if the host country doesn't jail or surrender them.

    • by gweihir ( 88907 )

      And while we are at it, do the same to all terrorists! That will surely solve the problem! Not.

      • by Tablizer ( 95088 )

        Hackers want money for a fancy life, most terrorists are just zealots who think God wants them to bomb heathens/infidels.

        • by gweihir ( 88907 )

          I was merely, apparently to sibtly, pointing out that you need to have targets when doing drone-strikes. We do not have targets.

  • by untimly ( 9438201 ) on Saturday July 06, 2024 @09:10AM (#64604973)
    Once upon a time people laughed at the idea of putting critical infrastructure on the internet. I don't understand how it is still being pushed so hard
    • Because people prefer features over security. I talked to a high-level manager at a power plant. That's what he told me. He preferred them, too.
  • by stabiesoft ( 733417 ) on Saturday July 06, 2024 @09:10AM (#64604975) Homepage
    I can see a day coming where you can have 2 internet connections. The sewer line which connects you to anywhere in the world and the potable line where every connection is certified clean. Your potable line ISP and the customer are responsible (financially) for every packet put on the line. Most likely, the potable line is only connected within your country, or at least within a set of countries willing and able to keep the line clean. And you better never connect anything between the potable and sewer, just like my water company would be very unhappy if I pushed dirty water into the line. Backflow connectors are a thing in plumbing.
    • I can see a day coming where you can have 2 internet connections.

      No, just no.

      The sewer line which connects you to anywhere in the world and the potable line where every connection is certified clean.

      "certified"???? We don't care if some authority wipes their ass on a certificate, we care about the actual data going in and out not being malicious or subject to eavesdropping. Don't believe me? When's the last time you validated the TLS certs used as a regular part of your browsing?

      Your potable line ISP and the customer are responsible (financially) for every packet put on the line.

      Then it would be avoided like the plague, and Congress would be paid to create exceptions or loopholes for liability. No profit seeking business is going to use it unless forced, and with the recent SCOTUS decisi

      • I know quite well how ethernet works. You'd have two drops just like you have two pipes for your house. I get it would be a pain. But how much more pain is it than the now daily successful hacks into infrastructure, banks, hospitals, ... What will it take, a chernobyl in the US because some guy in Iran successfully hacked a US nuke plant? Can't happen, well lets see, we've seen energy pipelines, water treatment plants, banks, hospitals just to name a few that have been hacked. How long before a nuke goes po
    • by dskoll ( 99328 )

      That concept is called an "air gap" and it doesn't really work. Once you computer is compromised by malware on the "sewer" line, it will go on to compromised computers on the "clean" line.

      • I think you missed my "you are financially responsible" part. You'd have 2 computers. Granted most would only have one, and be on the sewer. Although given the price of a cheap laptop these days, why not have a second for connecting to your bank, doc, etc.
  • by Rosco P. Coltrane ( 209368 ) on Saturday July 06, 2024 @09:35AM (#64605003)

    As a former cancer patient who was given the choice between foregoing a few bits or trying limb salvage with a risk that the big C might not be rid of totally, I didn't hesitate for more than a couple seconds: chop-chop Doc, I'll deal with the inconveniences later. If I'm dead, what good will it do me if I go to my grave four-limbed?

    That's a bummer for the lady, but she can already get her breast reconstructed later. It might not be perfect or as good a reconstruction as if she had had it done on the spot, but she will be alive. Priorities... Trust me on that one.

    • As a former cancer patient who was given the choice between foregoing a few bits or trying limb salvage with a risk that the big C might not be rid of totally, I didn't hesitate for more than a couple seconds: chop-chop Doc, I'll deal with the inconveniences later. If I'm dead, what good will it do me if I go to my grave four-limbed?

      That's a bummer for the lady, but she can already get her breast reconstructed later. It might not be perfect or as good a reconstruction as if she had had it done on the spot, but she will be alive. Priorities... Trust me on that one.

      I don't think the point of the story was that she had trouble making the decision.

      Instead it's the consequences of the ransomware attack, typically it's "stuff was chaotic and someone died, but they might have died anyways".

      This is one of the few cases where they can draw a direct line between a ransomware attack and a clear adverse health outcome.

    • by gweihir ( 88907 )

      The "modern person" does not understand priorities and, worse, is always a victim.

  • Cause (Score:5, Insightful)

    by Gravis Zero ( 934156 ) on Saturday July 06, 2024 @09:54AM (#64605041)

    The hospital deemed the reconstruction part of the procedure too risky because Synnovis was unable to support blood transfusions until its systems were back online.

    Personal opinion but the blood supply/reserves seems like the one system that have been made immune to attack because in times of war, people don't play nice. At the very least it should have a dedicated terminal with database (that is updated daily) of the so that in cases of network/system failure that you can put someone in charge of managing the blood.

    People don't take security, resiliency, or redundancy seriously so you get bad outcomes like this.

    • by gweihir ( 88907 )

      In time of war, people die. Often more civilians than soldiers. And no, this is not "the one system" that is critical. Pretty much everything is critical.

  • by kenh ( 9056 ) on Saturday July 06, 2024 @09:55AM (#64605043) Homepage Journal

    The 36-year-old [...] was diagnosed with HER2-positive breast cancer in late 2023.

    OK.

    It's an aggressive form known for spreading faster and is more commonly recurring, which necessitates urgent treatment.

    OK.

    Hanna soon began a course of chemotherapy following her diagnosis until she was able to have what will hopefully be the first and only major procedure to remove the disease. Between then and the operation, which was scheduled for June 7

    WHAT? She waited over six months for life-saving cancer treatment for her cancer, an aggressive form known for spreading faster and is more commonly recurring, which necessitates urgent treatment.

    • Welcome to health care in 2024.
      • by fjo3 ( 1399739 )
        No - welcome to the NHS in 2024. The UK and Canadian health care systems are practically worthless these days. Not enough doctors, nurses, surgeons. It's gotten completely ridiculous, and there is no solution in sight. The backlog is horrible - sometimes it takes years, so this was actually a quick response all things considered. There can be other factors too. I had brain surgery last year, stage 3 cancer (in remission!), but they had to postpone my surgery for over a year to allow my liver to heal - I wa
    • That's socialized medicine for you - "We can diagnose you now but you will have to wait an eternity for treatment."
      • Nah, that's sabotaged medicine for you, the Tories bled the system dry on purpose, to achieve just this effect. I can do the same with private healthcare, just cut every doctors salary by half, and defer all maintenance, and invest zero into any upgrade. Same result.
    • by gweihir ( 88907 )

      WHAT? She waited over six months for life-saving cancer treatment for her cancer, an aggressive form known for spreading faster and is more commonly recurring, which necessitates urgent treatment.

      After and as a result of Brexit, the NHS has gone down the drains.

    • No, she started treatment immediately after her diagnosis. The chemotherapy shrinks the tumour, stops it spreading, and can remove some cells that have already spread. It's very common to have chemotherapy for a period before surgery - it increases the chance of successful surgery,

      The NHS will quite happily remove a tumour in the same week that it's detected, where that is the appropriate treatment option. Often it isn't.

  • I worked for a hospital in California doing their IT. I consolidated their 40+ servers down to 6 with a fault tolerant cluster solution. Downtime was a PITA, because even at 2am they would get the drunk rush of patients in the ER.

    The hospital was supposed to be able to run on paper. They didn't like to do it, but it was doable. Any business that is 100% reliant on computers to function is going to be f-ed sooner or later.

    I got out of the field, but I remember telling my clients "Don't move your stuff to the

  • Jesus... just do the correct operation and sort it out later.
  • Between June 24-30, there were 1,517 cute outpatient appointments and 136 electric procedures [...]

    But somehow the correct words were used in the very next sentence. Hey, wanna know an editorial secret? Just because it passes spellcheck doesn't mean it's right.

    I'd suspect you were farming out editorial work to ChatGPT, but I'm pretty sure that no matter what else it made up ChatGPT would at least have used the right words.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...